94% of Indian organisations struggle with security 'silos': Report
Due to the rapid pace of threat evolution, siloed security solutions implemented as little as 5-6 years ago may already be outdated and are posing greater threats to businesses. A new study reveals that a whopping 94% of organisations in India describe their current security model as “siloed" and that over two thirds or 67% of cybersecurity professionals work with more than ten different security tools or solutions across their organisation, making the setup extremely ‘disconnected’.
The study done by cybersecurity company Trellix that interviewed 9,000 security professionals globally, including 1,000 from India, also said that disconnected solutions are holding businesses back. Seven in ten (70%) cybersecurity professionals admit their current security tools don't enable their security team to work with maximum efficiency. Almost one third (29%) recognise they have blind spots in their protection today.
Globally, as a result of poor security practices, 82% estimate their organisation lost up to 10% of revenue from security breaches in the last twelve months. Medium-sized businesses (with $50-100m revenue) lost an average of 9% in revenue, compared to almost 6% for large businesses (with a turnover of $10 billion-$25 billion), representing revenue losses of between $600 million and $1.5 billion.
Disconnected solutions are holding businesses back, said Venkat Krishnapur, vice-president of engineering and managing director, Trellix India said, “The majority of current security options rely on siloed intelligence.
For example, seven in ten (70%) cybersecurity professionals admit their current security tools don’t enable their SecOps team to work with maximum efficiency. Almost one third (29%) recognise they have blind spots in their protection today, and 72% cyber security professionals admit security threats evolve so rapidly, they’re struggling to keep up, it said.
Moreover, the report said, on average, respondents’ organisations deal with 55 cybersecurity incidents each day, while over 42% admit they cope with 50 to 200 incidents daily.
Krishnapur said that the "increasing number and complexity of cyberattacks are forcing security teams into a noticeably constant reactive posture. Hence, we are unknowingly creating security silos".
Not just Trellix, an October 2021 study by cyber security firm Cyware also revealed that 64% of respondents note that sharing cyber threat intelligence between their organisations’ security operations centre (SOC), incident response and threat intelligence teams is limited — creating a siloed setup. Organisations also cite several data silos and data access issues that hamper their ability to achieve collective defence.
The report conducted by Forrester Consulting, also noted that obstacles to unifying technologies include cross team collaboration (55%), data silos within security teams (47%) and functional silos within security (45%). Anuj Goel - Co-founder and CEO - Cyware Labs, believes that cyber security teams cannot succeed without a centralised view of the data from other cyber and IT applications within their environments.
Further, with so much information on security tools and solutions, and with a limited number of skilled experts CISOs believe that businesses may not comprehend their own level of security maturity and business risk or whether they are vulnerable to attack.